JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.49.36

104.207.49.36 was found in our database!

This IP was reported 142 times. Confidence of Abuse is 11%: ?

11%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇨🇦 Canada
City	Toronto, Ontario

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.49.36

Whois 104.207.49.36

IP Abuse Reports for 104.207.49.36:

This IP address has been reported a total of 142 times from 16 distinct sources. 104.207.49.36 was first reported on June 6th 2024, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 jjnxpct	2026-04-19 03:49:41 (1 month ago)	Automated security incident from hosting server. ModSecurity blocked suspicious request targeting UR ... show more Automated security incident from hosting server. ModSecurity blocked suspicious request targeting URI: /db.sql (Rule ID: 920440) - URL file extension is restricted by policy show less	Web App Attack SQL Injection Hacking
Anonymous	2026-04-14 07:05:07 (1 month ago)	Blocked: Reason='Possible SQL injection activity (122/60 min)'; Requests=122	SQL Injection
🇪🇸 librebit	2026-04-06 13:28:59 (1 month ago)	Brute force	Brute-Force
🇺🇸 TPI-Abuse	2026-02-18 02:23:15 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.49.36 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.49.36 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 17 21:23:11.390057 2026] [security2:error] [pid 12127:tid 12127] [client 104.207.49.36:49331] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "reneehill.net"] [uri "/.env.staging"] [unique_id "aZUij7cJm9jvaaFAREfxpgAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-18 02:04:40 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.49.36 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.49.36 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 17 21:04:29.508292 2026] [security2:error] [pid 10900:tid 10900] [client 104.207.49.36:56283] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "register-yacht-cook-islands.com"] [uri "/.env.staging"] [unique_id "aZUeLS8fHGptbmc16Vum5AAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-18 00:56:36 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.49.36 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.49.36 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 17 19:56:33.281237 2026] [security2:error] [pid 17094:tid 17094] [client 104.207.49.36:62401] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "raaksystems.com"] [uri "/site/.git/config"] [unique_id "aZUOQdB-qBohitZ0pw9DxQAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 oncord	2026-01-29 21:25:27 (4 months ago)	Form spam	Web Spam
🇺🇸 TPI-Abuse	2025-11-26 11:49:28 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.49.36 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.49.36 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 06:49:21.168180 2025] [security2:error] [pid 27367:tid 27367] [client 104.207.49.36:58829] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.jhonbens.com"] [uri "/.git/HEAD"] [unique_id "aSbpQbJeHfSQIRwZbuKd9QAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 11:05:43 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.49.36 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.49.36 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 06:05:38.301611 2025] [security2:error] [pid 19193:tid 19193] [client 104.207.49.36:34867] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.marat.info"] [uri "/.env"] [unique_id "aSbfAhVAyjI-ngJ_Hub8vQAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 09:54:50 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.49.36 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.49.36 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 04:54:45.932120 2025] [security2:error] [pid 20541:tid 20541] [client 104.207.49.36:13163] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.inquiryroom.com"] [uri "/.svn/wc.db"] [unique_id "aSbOZb7vEdjkROi74c5rrQAAABU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 08:38:23 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.49.36 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.49.36 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 03:38:20.154351 2025] [security2:error] [pid 2592977:tid 2592977] [client 104.207.49.36:60083] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.davidsonmanagement.net"] [uri "/.git/HEAD"] [unique_id "aSa8fGZmchGqMC7Ya84-1AAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 07:07:59 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.49.36 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.49.36 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 02:07:52.150141 2025] [security2:error] [pid 336:tid 336] [client 104.207.49.36:48921] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.thelastnoel.com"] [uri "/.git/HEAD"] [unique_id "aSanSMtKpOd4Khj2GVOFjgAAABY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 06:50:13 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.49.36 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.49.36 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 01:50:09.805257 2025] [security2:error] [pid 19486:tid 19486] [client 104.207.49.36:40717] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "dev.ianmagarzo.com"] [uri "/.svn/wc.db"] [unique_id "aSajIcS1b1WvoNOUiSKzEAAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 05:27:42 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.49.36 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.49.36 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 00:27:35.145694 2025] [security2:error] [pid 22997:tid 22997] [client 104.207.49.36:54017] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.architx.com"] [uri "/.git/HEAD"] [unique_id "aSaPxxuQEGzS5DTFfQrzaQAAABw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 02:50:57 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.49.36 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.49.36 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 21:50:50.310589 2025] [security2:error] [pid 8519:tid 8519] [client 104.207.49.36:48387] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.vccemail.net"] [uri "/.env"] [unique_id "aSZrCjnWTE_waQy0MYQiCQAAAB4"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 142 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 2001:67c:2628:647:32:704:0:2e3

🇺🇸 2001:67c:2628:647:32:604:0:32

🇺🇸 172.174.72.225

🇺🇸 136.117.57.77

🇺🇸 2001:67c:2628:647:34:603:0:e

🇺🇸 2001:67c:2628:647:32:804:0:2f9

🇺🇸 2001:67c:2628:647:32:704:0:3ad

🇧🇷 190.111.137.163

🇨🇳 121.235.37.13

🇫🇷 51.91.51.45

🇺🇸 20.64.105.148

🇺🇸 2001:67c:2628:647:35:402:0:83

🇨🇳 218.78.141.61

🇷🇺 212.23.69.121

🇧🇴 181.115.208.149

🇺🇸 142.252.75.7

🇩🇪 104.248.133.110

🇸🇪 45.84.107.172

🇮🇳 182.95.217.182

🇩🇪 167.94.146.66